In large enterprises and organizations, employees must interact with multiple applications and access sensitive information. Each application has its own authentication methods that require users to specify different usernames and passwords. This forces the users to maintain and manage different usernames and passwords to each of the numerous applications, which can be inconvenient and difficult.
To resolve these issues, a solution is needed to avoid the necessity of users remembering numerous passwords while simultaneously providing users access to the required sensitive data without compromising on security.
Novell SecureLogin is a single sign-on product that provides this kind of ease for password management.
Novell SecureLogin utilities and components are designed to enable single sign-on for Windows, Web, Java, and terminal emulator applications.
It supports both username and password authentication, and also multi-factor authentication such as smart card, token, or biometric authentication at the network and application levels.
Novell SecureLogin has the following features:
Eliminates the requirement for users to remember multiple usernames and passwords beyond their initial login. It stores usernames and passwords and automatically specifies them for users when required. With this feature, users are no longer required to remember and manually provide their credentials to log in to an application.
It quickly retrieves and specifies user credentials, which results in faster login.
It helps reduce calls to the Help Desk about locked accounts and forgotten usernames and passwords.
It makes use of multiple integrated security systems that provide authentication and single sign-on to networks and applications.
It provides a single entry point to the corporate network and its user resources, which increases security and enhances compliance with corporate security policies.
It stores and encrypts user credentials in the directory: eDirectory, Active Directory, or other LDAP-compliant directories, and optionally caches them in an encrypted format on the local workstation.
With this level of encryption, an administrator with complete rights cannot view a user’s credentials.
If required, an administrator can set a new password under some circumstances, such as disaster recovery, but cannot view the existing password.
Client Login Extension 3.7 provides password recovery support for applications that are accessed through Novell SecureLogin 7.0 SP1. The password recovery support through Client Login Extension tool is also available for locked workstations and for workstations in which user operations are controlled by Desktop Automation Services (DAS).
It employs two methods of fault tolerance:
It uses local encrypted caching to ensure that the network downtime does not affect the single sign-on performance. If the corporate network is down, caching enables application logins to continue uninterrupted.
It uses application definitions to cater to different login conditions and errors during the login.
It maintains single sign-on integrity for all mobile and remote users by locally encrypting the cache regardless of the network connectivity. If permitted, mobile users can update their single sign-on credentials when they are disconnected from the network and update the directory with these details when they attach later.
Because Novell SecureLogin is a directory-enabled product, users can:
Log in from anywhere and get capabilities as if they were working from their own desks.
Log in and log out quickly because they authenticate only to the directory, and not to Windows itself.
Roam the enterprise and log in to different machines during the day.
Work on a laptop in a disconnected mode because their login credentials are saved to a local, encrypted cache.
Securely use a shared, kiosk-type workstation where many people log in temporarily for quick work, then log out.
Novell SecureLogin includes wizards, directory console plug-in, and tools which make it easy to centrally configure for use on the corporate network.
Includes management utilities that allows the administrators and end-users to view their single sign-on details and, if permitted enable single sign-on applications.